Xen 4.17 is released

A new Xen version was released yesterday, and I wanted to write something to explain why it's important news.

What's inside this new release

It's already been a year since 4.16. So what about 4.17? As a very capable hypervisor with a very interesting design, Xen is used widely, even outside the datacenter. Thanks to Arm and Xilinx (now AMD) as important contributors, one can expect to find a lot of new stuff targeting the embedded world. If you want to take a look at that, feel free to check the official announcement:

Xen Project Releases Version 4.17 with Enhanced Security, Higher Performance, Improved Embedded Static Configuration and Speculative Mitigation Support - Xen Project
New version includes adoption of MISRA-C rules, static allocation and at-boot partitioning, with improved device throughput SAN FRANCISCO – December 14, 2022 –The Xen Project, an open source hypervisor hosted...

This new release also brings interesting changes for x86, our main area here with XCP-ng. On the security side, there is now improved speculative mitigation support, so you can see and control which mitigations are performed by Xen and which by your VM.

There are also interesting improvements on the PCI passthrough side, thanks to IOMMU superpage support (regardless of HVM or PV mode). Also, VMs can now use up to 12TiB of RAM without any security problems.

In the long run

We'll keep an eye on the "VirtIO-Grant" project, which brings support for a de facto standard (virtio) to Xen while keeping it secure thanks to Xen grants. If you forgot what grants are, you are in luck, go read this article:

Grant Table in Xen
Take a deep dive inside the Xen grant table mechanism, and why it’s central in XCP-ng.

There are also various changes that will help to build new features, but you'll know more about these in the coming months 😉

Our part

It's also the first release where we've been directly involved. We are committed to doing more and more inside the Xen Project. XCP-ng isn't meant to "just" be an integrated virtualization solution, but more than that. You can read about our existing contributions on the project tracking side here:

Project & Release Tracking for Xen - Part 1
See how we are helping the Xen Project to organize their future releases and features, by providing our experience and time on project and release tracking.

But we obviously have a LOT more to come in the Xen code base, which will be in the next release. We are working on the RISC-V Xen port, modernizing the Xen metrics (using Open Metrics), working on DPU integration through a VFIO equivalent, and many other things!

Also, we have big announcements to make early in 2023 regarding the Xen Project, so stay tuned!